
Lecture 3

Switches

1
Objectives
1. Describe common switch types.
2. Configure custom VLANs.
3. Create and manage VLANs using the menu interface.
4. Create and manage VLANs using command-line interface (CLI).
5. Configure link aggregation.
6. Manage multiple switch configurations.
2
Switches

1. Describe common switch types
3
Switches
There are many different types of network switches. They differ in
management and configuration options, number of LAN ports, and
maximum data rate.
The various types of switches contained in a network are:

Unmanaged switch
Smart managed switch
Managed switch
4
Unmanaged Switch
At the low end of available switches are unmanaged switches.
These are designed to provide connectivity for small networks.

[Figure: HP 1405-5G Unmanaged desktop Switch]

Unmanaged switches provide basic functionality at this level,
such as buffering traffic to avoid collisions.

5
Unmanaged Switch

• OSI Layer 2 functionality only
• Plug-and-play operation
• No management interface
• No custom VLAN support
• Do not provide any monitoring capabilities

6
Smart Managed Switch
Smart managed switches, also known as web managed switches, support
limited management options. They are, however, more advanced devices
than unmanaged switches and support additional functionality.

[Figure: HP 1620-24G 24-PORT 10/100/1000 Gigabit Smart Managed Switch]

Most smart managed switches provide functionality at OSI Layer 2, but a
small number include some Layer 3 functionality, including support for
simple IP routing. Routing support is usually limited to static routes
only.

Like unmanaged switches, smart managed switches can typically be
deployed as plug-and-play devices using their default configurations.
7
Smart Managed Switch Advantages

A smart managed switch has management access through a browser-based
management interface, which allows you to view port statistics and
manage custom configurations.

Another clear advantage is that smart managed switches include VLAN
support. You can also configure link aggregation to provide a
high-bandwidth data path.

8
Smart Managed Switch Limited
Limited functionality:
• Most switches of this type also have an RJ-45 console port. Some
also have a USB connection that can be used to connect directly to
the switch. This is similar to the console connection on managed
switches, but it can typically be used to perform the same
procedures as the web interface.
• Smart managed switches also include limited SNMP support. SNMP
management devices can automatically discover and remotely monitor
smart managed switches. However, smart managed switches do not
support remote management from an SNMP management device.
9
Managed Switch
A network switch is a computer networking device that connects
devices together on a computer network.

Switches manage data across a network by only transmitting a
received message to the device for which the message was intended.
Each networked device connected to a switch can be identified using
a MAC address, allowing the switch to regulate the flow of traffic.

[Figure: HP 7510 Switch with 2 48-port Gig-T PoE+ Modules and 768Gbps MPU]
10
Managed Switch functionality

Managed switches support OSI Layer 2 functionality as well as a wide
array of Layer 3 functionality, such as dynamic routing.

• Dynamic routing: Support for dynamic updates to network
destinations and routes to allow for changes in available routes
and network conditions.
11
Managed Switch interfaces

These switches support a variety of manual management options,
including:

• CLI (console port or over the network);
• Menu interface (console port or over the network);
• Web interface (over the network only).

12
Managed Switch and SNMP
In addition, most managed switches can be
monitored and configured through SNMP and an
SNMP management console.
Most managed switches are designed to work with
most manufacturers’ SNMP management devices.
To this end, manufacturers make the switch’s MIB
available for download.

• Management information base (MIB): A collection of management
information about a device for use with SNMP management.
13
Deployment Sample
You might deploy different types of switches in different
physical locations. This allows you to use the type of switch
best suited to each location. It also allows you to save
money by deploying less expensive switches where
additional functionality is not needed.

14
Summary

Switch management categories:
• Unmanaged switch
• Smart managed switch
• Managed switch

Switch deployment
15
Switches

2. Configure custom VLANs


16
Virtual LANs
A Virtual LAN (VLAN) is any broadcast domain that is partitioned
|pɑːˈtɪʃənd| and isolated in a computer network.
VLANs can be created on a Layer 2 switch to reduce the size of
broadcast domains and so improve network performance.
The primary difference between a VLAN and a subnet is that a VLAN
is implemented at Layer 2 and a subnet is implemented at Layer 3.
Also, a subnet is based on location (physical connection), and a
VLAN is based on port configuration (logical connection).

[Figure: Subnet A and Subnet B]
17
Membership in Virtual LANs
Membership in a VLAN depends exclusively on the port to which a
device is attached.
You can configure a VLAN so that it is made up of ports located on
different physical switches.
Traffic between ports in the same VLAN, even if they are on
different switches, is bridged so that broadcasts are propagated
through the VLAN.
Traffic between VLANs is routed, so broadcast traffic does not
cross VLANs.
18
Virtual LANs (VLANs) Types
• Default VLAN: Includes all switch ports when a switch is in its
default configuration. In the default configuration, the default
VLAN carries both management traffic and standard network traffic.
• Primary VLAN: Initially the default VLAN. For HP switches, the
primary VLAN is the only VLAN on the switch that can receive a
switch-generated address via DHCP. You can designate a custom VLAN
as the primary VLAN and make it responsible for some management
functions.
19
Virtual LANs (VLANs) Types
• Management VLAN: Used for managing the switch from a remote
location by using protocols such as telnet, SSH, SNMP, syslog, etc.
Normally the Management VLAN is VLAN 1, but you can use any VLAN as
a management VLAN. It identifies a specific VLAN as the only VLAN
from which users can connect to the switch management interface.
20
Virtual LANs (VLANs) Types
• Secure Management VLAN: When created as a custom VLAN, the secure
management VLAN is an isolated network specifically used for switch
management. Access to management functions is then limited to only
those ports configured as secure management VLAN members. Traffic
cannot be routed to or from this VLAN.
• Voice VLAN: Custom VLAN that can be created to isolate VoIP
traffic from other network traffic.

21
Creating a VLAN
The basic steps for creating a custom VLAN are:
• Define the VLAN name and ID;
• Transfer ports from the default VLAN to the new VLAN;
• Assign an IP address to the VLAN (optional).
22
VLAN links
You often see references to two kinds of VLAN links:
Untagged/Access link; Tagged/Trunk link.

• Untagged/Access link: Port linked to a network device other than
another switch.
• Tagged/Trunk link: Port linked to another switch.

Most links will be Untagged/Access links, linking to PCs and other
network node devices. Tagged/Trunk links are used when connecting
switches.
Tagging is based on the 802.1Q standard.
23
Access link
Access Links are the most common type of links on any
VLAN switch. All network hosts connect to the switch's
Access Links in order to gain access to the local network.

24
Trunk link
A Trunk Link, or "Trunk", is a port configured to carry packets
for any VLAN. These types of ports are usually found in
connections between switches. Trunk links are also used to
provide high-bandwidth communication paths when configuring
multi-switch VLANs.

25
Sample Network
A port in a VLAN can be either tagged or untagged. A single
port can allow traffic from multiple VLANs. A port can
belong untagged to one VLAN only, but the port can have
multiple tagged VLANs assigned to it.

26
Summary

VLAN types and use
Creating and managing custom VLANs
Viewing and managing ports
27
Switches

3. Create and manage VLANs using the menu interface.
28
Main Menu
First, we will use the menu interface to step through the process
of creating a custom VLAN. Launch the menu interface and
choose 2. Switch Configuration from the main menu to open the
switch configuration menu.

29
Switch Configuration Menu
From the Switch Configuration Menu, select
7. VLAN Menu

30
VLAN Menu
We will start with a look at the VLAN Menu command options. Here,
you can:
• Configure VLAN support parameters.
• Create and manage VLAN names and IDs.
• Assign ports to or remove ports from VLANs.

31
VLAN Support
As you can see, this switch can support up to 256 VLANs. The
switch is currently set up with the default VLAN configuration,
so the primary VLAN is also the default VLAN (named
DEFAULT_VLAN). GVRP (Generic Attribute Registration
Protocol), a VLAN management protocol, is disabled by default.

32
VLAN Names
To create a new VLAN, you must define the VLAN. Select
2. VLAN Names to open the VLAN Names Configuration
screen. By default, the Actions menu is selected. Choose
Add from the Actions menu selections and enter the VLAN
information.

33
New VLAN
Now the VLAN names list includes both DEFAULT_VLAN
and the new VLAN you just created.

34
Default Port Assignments
To add ports to your VLAN, select 3. VLAN Port Assignment from the
VLAN Menu. The VLAN Port Assignment screen shows current port
assignments. Default port assignments are shown in the example, with
all ports assigned to the default VLAN.

35
Selected Port
To change the port assignments, select Edit from the Actions menu
and use the arrow keys to select the port you want to change.

36
Configured Port
We want to add ports to the DBUsers VLAN. At the selected port,
under the DEFAULT_VLAN column, press the Spacebar until the
value reads No. For the same port, under DBUsers, press the
Spacebar until it reads Untagged. Continue this process for all of
the ports that you want to add to the VLAN.

37
Switch Configuration Menu
IP Configuration is disabled by default for a newly created
VLAN. You can reach this screen by selecting 4. IP Configuration
from the Switch Configuration Menu (Main menu).

38
IP Configuration
You can set IP Configuration to DHCP/Bootp to have the
VLAN receive an IP address automatically from a DHCP
server, or you can set IP Configuration to Manual to
configure a static address.

39
Assigned IP Address
If you want the VLAN to have a known IP address,
you can choose to configure a static IP address.

40
Summary
Create and manage VLANs using the menu interface:
• Define the VLAN name and ID;
• Transfer ports from the default VLAN to the new VLAN;
• Assign an IP address to the VLAN (optional).
41
Switches

4. Create and manage VLANs using command-line interface (CLI)
42
VLAN Summary
If you return to the CLI, you can run the following command to see a list of
VLANs configured on the switch, along with the VLAN type:

show vlans

Notice that DEFAULT_VLAN is still the Primary VLAN. There is no
Management VLAN defined, which means that you can connect to the
switch from any port and perform management activities.
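
One way to check a saved configuration for the condition just described, as an added example that is not part of the original slides. The configuration layout (indented vlan blocks and a top-level management-vlan line) and both sample configurations are constructed assumptions, and flagging management on VLAN 1 is this script's own policy, chosen because the default VLAN also carries standard traffic.

```python
import re

def expand_ports(spec):
    """Expand a port list such as '1-3,7,Trk2' into individual port names."""
    ports = []
    for item in (s.strip() for s in spec.split(",")):
        m = re.fullmatch(r"(\d+)-(\d+)", item)
        if m:
            ports += [str(n) for n in range(int(m[1]), int(m[2]) + 1)]
        elif item:
            ports.append(item)
    return ports

def parse_config(text):
    """Return ({vid: {'untagged': [...], 'tagged': [...]}}, management_vid)."""
    vlans, mgmt, current = {}, None, None
    for line in filter(str.strip, text.splitlines()):
        words = line.split()
        if not line[0].isspace():  # top-level statement ends any vlan block
            current = None
            if words[0] == "vlan" and len(words) == 2 and words[1].isdigit():
                current = vlans.setdefault(int(words[1]), {"untagged": [], "tagged": []})
            elif words[0] == "management-vlan" and len(words) == 2 and words[1].isdigit():
                mgmt = int(words[1])
        elif current is not None and words[0] in ("untagged", "tagged") and len(words) == 2:
            current[words[0]] += expand_ports(words[1])
    return vlans, mgmt

def audit(text):
    """Return a list of findings; an empty list means no issue was found."""
    vlans, mgmt = parse_config(text)
    findings = []
    if mgmt is None:
        findings.append("no management VLAN defined: management is reachable from any port")
    elif mgmt == 1:
        findings.append("management VLAN is the default VLAN 1, shared with standard traffic")
    owners = {}
    for vid in sorted(vlans):
        for port in vlans[vid]["untagged"]:
            owners.setdefault(port, []).append(vid)
    for port, vids in owners.items():
        if len(vids) > 1:  # a port can belong untagged to one VLAN only
            findings.append(f"port {port} is untagged in more than one VLAN: {vids}")
    return findings

# Constructed samples: a weak configuration and a corrected one.
WEAK = """\
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-3,6-24
   exit
vlan 3
   name "Work1"
   untagged 3-5
   exit
"""
HARDENED = WEAK.replace("1-3,6-24", "1-2,6-23") + """\
vlan 99
   name "MGMT"
   untagged 24
   exit
management-vlan 99
"""
```

`audit(WEAK)` reports the missing management VLAN and the doubly assigned port 3, while `audit(HARDENED)` returns an empty list.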
43
Create a new VLAN
Now we can step through the CLI commands that you would use to
create and name a VLAN. To create a new VLAN, run the
vlan command followed by the VLAN ID. This creates a new VLAN
and automatically switches to the VLAN configuration context for that
VLAN. In this example, the new VLAN will have the default name
VLAN3.

44
Adding a Port
The new command prompt would be:
5406zl (vlan-3)#
By default, all ports are configured as untagged.
To configure a tagged port, run the following
command:
5406zl (vlan-3)# tagged <port>
To change a tagged port back into an untagged
port, run:
5406zl (vlan-3)# untagged <port>
45
Default VLAN Name

If you want to rename the VLAN as Work1, you would run:

• 5406zl (vlan-3)# name Work1
• 5406zl (config)# vlan VLAN3 name Work1

46
IP Configuration
Use the ip command to configure IP information
for a VLAN. For example:

5406zl (vlan-3)# ip address 192.168.1.14/24

The address is specified using Classless Inter‐
Domain Routing (CIDR) notation. CIDR is
discussed later in this course, but here is a quick
preview: The number after the “/” specifies the
number of bits in the subnet mask, so /24 is
equivalent to a subnet mask of: 255.255.255.0
47
Port management
Port management for VLANs is done under the vlan
context. However, you can view most port information,
including statistics and counters, from any context. To
view a port summary for the switch, run the following
command:
show interface
If you want to see detailed port counter information for
a single port, include the port number:

show interface 1
This will give you detailed port statistics for the specified
port.
48
Show interface a1
The information provided includes the following:
• Link status.
• Total bytes, unicasts, and broadcasts received and transmitted.
• Transmit and receive rates.

49
Layer 3 Management
When you use a switch as a router, you configure the router as
the default gateway for clients, forwarding traffic between the
configured VLANs.

To use the switch as a router, you must enable routing. To do this
from the config context, run the following:

Router(config)# ip routing
50
Configure default gateway
You must configure the edge switches with a default gateway.
The default gateway must be in the same subnet as the management
IP address of the Router.
This is done from the edge switch in the config context.
Assuming a default gateway address of 192.168.10.1, run the
following:

Switch1(config)# ip default-gateway 192.168.10.1


You can use the ping command to test communication from a
switch to a connected device. To test connectivity from Router to
a device connected to one of the edge switches, you would run a
command similar to the following:

Router# ping 192.168.1.108


51
Configure ip helper-address
The helper address parameter is used to enable the switch to
forward DHCP requests from all VLANs to a DHCP server in a
different VLAN.
This command must be run separately for each VLAN, using the
vlan context:
Router(vlan-1)# ip helper-address <ip_address>
Note that in this command, you would replace <ip_address>
with the DHCP server’s IP address. A helper address is
configured on the router or Layer 3 switch.
For example, if clients on VLAN 2 should lease IP addresses
from a DHCP server with the address 10.10.5.2, you would run
the following:

Router(vlan-2)# ip helper-address 10.10.5.2


52
Summary

Create and manage VLANs using command-line interface (CLI)
Port management
Layer 3 Management
53
Switches

5. Configure link aggregation
54
Link Aggregation
Link aggregation, also known as port trunking, allows you to create
a higher bandwidth communication path by linking multiple physical
ports as a single logical communication channel. HP uses a standard
protocol, called LACP, to manage port trunking in its switches.

• Port trunking: Also known as link aggregation. Combining physical
ports to create a single communication channel to provide higher
bandwidth communication.
• Link Aggregation Control Protocol (LACP): Protocol used to control
combining physical ports for use as a single communication channel.
LACP is defined in RFC 802.3ad.
55
Configured Link Aggregation
Configuring link aggregation requires the
config context. The syntax for the command
string is:

trunk <port_id,port_id> trk<id> lacp

Putting actual values to this, you might execute a command string
similar to the following:

trunk 4,5 trk2 lacp


56
Show trunk
To see the trunks configured on a switch, run the following:

show trunk

The result is labeled as Load Balancing, which is also referred to as
load sharing. This means that the switch will attempt to keep the
traffic between the two ports at the same volume.
57
Port Status Summary
You can get more information about the configured ports by
running the following:

show interface brief 4-5

In this example, both ports have a status of Down because the
switch has nothing physically connected to either of its ports.

58
Associate a trunk
To associate a trunk with a VLAN, execute the
following in the config context:
vlan <id> tagged trk<id>
For example, to associate trunk 2 with VLAN 10,
run the following: vlan 10 tagged trk2

59
Summary

Configured Link Aggregation
Port Status Summary
Associate a trunk
60
Switches

6. Manage multiple switch configurations

61
Configuration management
Before working with the switch configuration, you should
verify that the running configuration and the startup
configuration are the same.
You can view the running configuration by executing the
following:

show running-config
To compare the running configuration with the saved
startup configuration, run the following:

show running-config status


If the two are different, remember that you can run the
write memory command to save the running configuration
as the new startup configuration.
62
Configuration management
Along with configuration data, the software image used to boot the
switch is stored in flash memory. Actually, the switch has two
software images: the primary and secondary. These can be different
file versions or can be the same version. Image files can be copied
from the switch to either a USB drive or TFTP server.

To see the configuration file or files stored in flash memory on a
switch, you can run the following:

show config files
63
Show config files
This returns a list of configuration files. By default, a switch
will have one configuration. The figure shows a switch
configured with two configuration files.
There can be up to three configuration files.

64
Configuration Files
• act: This is the active configuration, that is, the configuration
used to boot the switch.
• pri: The configuration associated with the primary software image.
• sec: The configuration associated with the secondary software
image.
65
Configuration File Content
You can also look at the configuration information stored in
a config file by running the show config command followed
by the configuration file name. In this case, you would run
the following: show config config

66
Backing up configuration files
To back up the startup configuration to a USB flash
drive, run the following:

copy startup-config usb <filename>.<ext>


When you execute this command, replace <filename>
and <ext> with actual values. For example:

copy startup-config usb switch1.cfg


You can also back up to a TFTP server, using the
following syntax:

copy startup-config tftp <ip_address> <filename>.<ext>


67
Copy Configuration File
You also have the option of keeping multiple configuration files
on a switch. You create a new configuration file by copying an
existing file. Consider the following copy command:
copy config baseconfig1 config baseconfig2

68
Associating Images with Configuration Files
To make the new configuration file the startup configuration file, you would run:

startup-default config <configname>


In this example, you would run the following:

startup-default config baseconfig1


You are prompted to verify your action. You are also warned that the change will not
take effect until after the switch is restarted. The command shown above associates the
baseconfig1 configuration file with the primary and secondary software images.

69
Separate Images – Separate Configurations
You can also associate configuration files with different images. For
example, you could associate config with the primary image and
baseconfig1 with the secondary image. To associate the primary
image only with config, run the following:

startup-default primary config config

70
Erased Image
The erase command allows you to remove a configuration file from
flash memory. For example, to delete baseconfig2, run the following:

erase config baseconfig2


This removes the configuration file and leaves an open file slot.

71
Erased Image
If you erase the active configuration file, you are
prompted to replace it with your other configuration
file. In this case, you would get the following message:

The specified configuration file "baseconfig1" is the default
configuration for the primary and/or secondary boot image. If it is
deleted, the current active configuration file "config" will be set
as the default. Erase anyway [y/n]?

Press the y key to have the file reconfigured for you.


72
Show flash
Switch software is stored in flash memory along with the startup
configuration file. There are two software images, which are
identified as the primary and secondary images. By default, the
switch is configured to boot from the primary image.

73
Using the secondary image
One option for updating system software is to download the file to
a USB drive and then apply the image to the switch’s flash
memory. To copy the software as the secondary image, run:

copy usb flash <filename> secondary


This leaves the primary copy unchanged. Specify “primary” at
the end of the command string if you want to copy the file from
the USB drive to flash memory.

After copying the image to flash memory, your next step should be to
boot from the image to make sure that it works properly. To initiate a
one‐time boot using the secondary image, run the following:

boot system flash secondary


74
Summary

Configuration files
Backing up configuration files
Startup configuration file
Erase configuration file
Flash memory
75
